topologically assigned to network attachment points, used for routing and forwarding of packets through the network

Endpoint Identifiers (EIDs)

assigned independently from the network topology, used for numbering devices, and aggregated along administrative boundaries

LISP then defines functions for mapping between the two numbering spaces and for encapsulating traffic originated by devices using non-routable EIDs for transport across a network infrastructure that routes and forwards using RLOCs. Both RLOCs and EIDs are syntactically identical to IP addresses; it is the semantics of how they are used that differs.

Definition

Provider Independent (PI) address

- An address block assigned from a pool where blocks are not associated with any particular location in the network

- Not topologically aggregatable in the routing system

Provider Assigned (PA) address

- An address block assigned to a site by each service provider to which a site connects

- Each block is a sub-block of a service provider CIDR block and is aggregated into the larger block before being advertised into the global Internet

Routing Locator (RLOC)

- RLOC is an IPv4 or IPv6 address of an egress tunnel router (ETR)

- RLOC is the output of an EID-to-RLOC mapping lookup

- 1 EID maps to 1 or more RLOCs

- Multiple RLOCs can be assigned to the same ETR device or to multiple ETR devices at a site

Endpoint ID (EID)

- A 32-bit (IPv4) or 128-bit (IPv6) value used in the source and destination address fields of the first (innermost) LISP header of a packet

- The host obtains the destination EID the same way it obtains a destination address today, for example through a DNS lookup

- Source EID is obtained via existing mechanisms used to set a host's local IP address

- An EID is allocated to a host from an EID-prefix block associated with the site where the host is located

- EIDs MUST NOT be used as LISP RLOCs

EID-prefix

- A power-of-two block of EIDs

- Allocated to a site by an address allocation authority

- EID-prefixes are associated with a set of RLOC addresses, which together make up a database mapping

Ingress Tunnel Router (ITR)

- A router which accepts an IP packet with a single IP header (does not contain a LISP header)

- The router treats this inner IP destination address as an EID and performs an EID to RLOC mapping lookup

- The router then prepends an outer IP header with one of its globally routable RLOCs in the source address field

- ITR receives IP packets from site end systems on one side and sends LISP-encapsulated IP packets toward the Internet on the other side

Egress Tunnel Router (ETR)

- An ETR is a router that accepts an IP packet where the destination address in the outer IP header is one of its own RLOCs

- The router strips the outer header and forwards the packet based on the next IP header found

- ETR receives LISP-encapsulated IP packets from the Internet on one side and sends decapsulated IP packets to site end systems on the other side

xTR

- ITR or ETR - tunnel endpoint

EID-to-RLOC cache

- Short-lived, on-demand table in an ITR

EID to RLOC database

- Globally distributed database that contains all known EID-prefix to RLOC mappings

- EIDs are not expected to be usable for global end-to-end communication in the absence of an EID-to-RLOC mapping operation

- A maximum of 2 LISP headers can be prepended to a packet: the first for Location / Identity separation, and a second prepended inside a service provider for TE purposes

- Map-Requests can be sent on the underlying routing system topology or over an alternative topology

- Map-Replies are sent on the underlying routing system topology

Packet Flow

1. host1.example.abc.com wants to open a TCP connection to host2.example.xyz.com

2. It does a DNS lookup on host2.example.xyz.com

3. An A/AAAA record is returned. This address is the destination EID

4. The locally assigned address of host1.example.abc.com is the source EID

5. The packet is built and forwarded through the LISP site as a normal packet until it reaches the ITR

6. The ITR must be able to map the destination EID to an RLOC of one of the ETRs at the destination site. The ITR sends a LISP Map-Request, which should be rate-limited

7. When an alternate mapping system (ALT) is not in use, the Map-Request packet is routed through the underlying routing system. Otherwise the Map-Request packet is routed on an alternate logical topology

8. The Map-Request arrives at one of the ETRs at the destination site

9. The ETR looks at the destination EID of the Map-Request and matches it against the prefixes in the ETR's configured EID-to-RLOC mapping database. This is the list of EID-prefixes the ETR supports for the site it resides in

10. If there is no match, the Map-Request is dropped. Otherwise a LISP Map-Reply is returned to the ITR

11. The ITR receives the Map-Reply message, parses the message and stores the mapping information from the packet. This information is stored in the ITR's EID-to-RLOC mapping cache. Note that the map cache is an on-demand cache

12. Subsequent packets from host1 to host2 will have a LISP header prepended by the ITR, using the appropriate RLOC learned from the ETR as the LISP header destination address

13. The ETR receives these packets directly, strips the LISP header and forwards the packets to the attached destination hosts
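
The packet flow above (steps 6 to 13), modelled as an added Python example that is not part of the original notes. The `ETR` and `ITR` classes, the `min_interval` per-destination rate limit, the direct method call standing in for Map-Request/Map-Reply transport, and all addresses are assumptions made for illustration; cache expiry is left out.

```python
import ipaddress

def longest_match(table, addr):
    """Return the most specific prefix in table that covers addr, or None."""
    ip = ipaddress.ip_address(addr)
    hits = [p for p in table if ip in p]
    return max(hits, key=lambda p: p.prefixlen) if hits else None

class ETR:
    def __init__(self, rlocs, eid_prefixes):
        self.rlocs = list(rlocs)  # database: EID-prefixes this site supports -> its RLOCs
        self.database = {ipaddress.ip_network(p): self.rlocs for p in eid_prefixes}

    def map_request(self, dst_eid):  # steps 9-10: Map-Reply, or None (request dropped)
        prefix = longest_match(self.database, dst_eid)
        return None if prefix is None else (prefix, self.database[prefix])

    def decapsulate(self, packet):  # step 13: only for packets sent to one of our RLOCs
        return packet["inner"] if packet["outer_dst"] in self.rlocs else None

class ITR:
    def __init__(self, rloc, etr, min_interval=1.0):
        self.rloc, self.etr, self.min_interval = rloc, etr, min_interval
        self.map_cache = {}      # on-demand cache: EID-prefix -> RLOCs
        self.last_request = {}   # destination EID -> time of last Map-Request

    def resolve(self, dst_eid, now):  # steps 6-11: cache, else rate-limited Map-Request
        prefix = longest_match(self.map_cache, dst_eid)
        if prefix is not None:
            return self.map_cache[prefix]
        if now - self.last_request.get(dst_eid, float("-inf")) < self.min_interval:
            return None          # asked too recently: suppress the Map-Request
        self.last_request[dst_eid] = now
        reply = self.etr.map_request(dst_eid)
        if reply is None:
            return None          # no ETR prefix matched, nothing to cache
        self.map_cache[reply[0]] = reply[1]
        return reply[1]

    def encapsulate(self, src_eid, dst_eid, payload, now):  # step 12: add outer header
        rlocs = self.resolve(dst_eid, now)
        if rlocs is None:
            return None
        inner = {"src": src_eid, "dst": dst_eid, "payload": payload}
        return {"outer_src": self.rloc, "outer_dst": rlocs[0], "inner": inner}

# Constructed sample sites: documentation-range RLOCs, EID-prefix 10.2.0.0/16.
SITE_B_ETR = ETR(["198.51.100.1"], ["10.2.0.0/16"])
SITE_A_ITR = ITR("192.0.2.1", SITE_B_ETR)
```

A destination outside every configured EID-prefix yields no Map-Reply, so the ITR caches nothing and the per-destination timer keeps repeated misses from turning into a stream of Map-Requests.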